Presentation is loading. Please wait.

Presentation is loading. Please wait.

Model construction and verification for dynamic programming languages Radu Iosif

Published byJessie Elliott Modified over 8 years ago

Similar presentations

Presentation on theme: "Model construction and verification for dynamic programming languages Radu Iosif"— Presentation transcript:

1 Model construction and verification for dynamic programming languages Radu Iosif (iosif@cis.ksu.edu)

2 Outline Semantics of dynamic programs Extensions to the BIR language The dSPIN model checker Symmetry and Partial Order reductions Abstractions for dynamic languages

3 Semantics In a dynamic program the number of state components changes constantly along an execution path Configurations are described by means of partial mappings Transitions define also how components are added/removed from configurations

4 Domains and operations (exp) Store = Variables  Values  Heap = (Locations  Store  ) X Locations Thread = Control X Store Pool = (ThreadId  Thread  ) X ThreadId State = Store X Heap X Pool new : Heap  Heap X Locations start : Pool  Pool X ThreadId

5 Bandera IR A dynamic guarded commands language (invented by James Corbett) Operational semantics definition led to the discovery of a number of inconsistencies, e.g. in the runtime type system Extended to handle dynamic threads in addition to heap objects

6 Future plans for BIR/back-end Recursive functions and polymorphism Exceptions issues related to the observation of exceptional events by a property Build a dSPIN target

7 dSPIN: dynamic SPIN Extension of the SPIN model checker with support for: pointers dynamic creation of objects recursive functions and polymorphic calls garbage collection www.cis.ksu.edu/~iosif/dspin

8 dSPIN (cont.) Adding dynamic features to the input languages causes the state space to blow up On-the-fly reductions: canonical symmetry reductions for heap model checking algorithm that combines heap with process symmetry use of partial order reductions in combination with heap symmetry

9 Symmetry and PO reduction Basic idea: heap objects can be ordered (strictly and totally) based on their reachability chains Combining heap with process symmetry uses the idea of path unwinding This strategy makes symmetry reductions compatible with fairness Better PO reduction by extending the notion of independence to allocators

10 Future plans for dSPIN Define the semantics of and implement imprecise exceptions Add support for handling heap abstractions Use of pointer and escape analysis to further improve partial order reduction

11 Abstractions for dynamic languages Heap abstractions (shape graphs) investigate the use of program transformation vs. on-the-fly parametric techniques refinement of abstractions what kind of predicates should be added? how can the property guide the refinement? how can we use counterexamples? Other abstractions: threads, locks, stack

Download ppt "Model construction and verification for dynamic programming languages Radu Iosif"

Similar presentations

Tintu David Joy. Agenda Motivation Better Verification Through Symmetry-basic idea Structural Symmetry and Multiprocessor Systems Mur ϕ verification system.

Tintu David Joy. Agenda Motivation Better Verification Through Symmetry-basic idea Structural Symmetry and Multiprocessor Systems Mur ϕ verification system.
Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.

Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.
1 Programming Languages (CS 550) Mini Language Interpreter Jeremy R. Johnson.

1 Programming Languages (CS 550) Mini Language Interpreter Jeremy R. Johnson.
Chapter 5: Abstraction, parameterization, and qualification Xinming (Simon) Ou CIS 505: Programming Languages Kansas State University Fall 2010 1.

Chapter 5: Abstraction, parameterization, and qualification Xinming (Simon) Ou CIS 505: Programming Languages Kansas State University Fall
Model Checking Concurrent Software Shaz Qadeer Microsoft Research.

Model Checking Concurrent Software Shaz Qadeer Microsoft Research.
Shape Analysis by Graph Decomposition R. Manevich M. Sagiv Tel Aviv University G. Ramalingam MSR India J. Berdine B. Cook MSR Cambridge.

Shape Analysis by Graph Decomposition R. Manevich M. Sagiv Tel Aviv University G. Ramalingam MSR India J. Berdine B. Cook MSR Cambridge.
Context-Sensitive Interprocedural Points-to Analysis in the Presence of Function Pointers Presentation by Patrick Kaleem Justin.

Context-Sensitive Interprocedural Points-to Analysis in the Presence of Function Pointers Presentation by Patrick Kaleem Justin.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Program Representations. Representing programs Goals.

Program Representations. Representing programs Goals.
CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking.

CS 267: Automated Verification Lecture 10: Nested Depth First Search, Counter- Example Generation Revisited, Bit-State Hashing, On-The-Fly Model Checking.
A survey of techniques for precise program slicing Komondoor V. Raghavan Indian Institute of Science, Bangalore.

A survey of techniques for precise program slicing Komondoor V. Raghavan Indian Institute of Science, Bangalore.
Assembly Code Verification Using Model Checking Hao XIAO Singapore University of Technology and Design.

Assembly Code Verification Using Model Checking Hao XIAO Singapore University of Technology and Design.
1 Concurrency Specification. 2 Outline 4 Issues in concurrent systems 4 Programming language support for concurrency 4 Concurrency analysis - A specification.

1 Concurrency Specification. 2 Outline 4 Issues in concurrent systems 4 Programming language support for concurrency 4 Concurrency analysis - A specification.
Process Analysis Toolkit PAT is A SPIN-like self-contained environment for system specification, visualized simulation and automated verification. PAT.

Process Analysis Toolkit PAT is A SPIN-like self-contained environment for system specification, visualized simulation and automated verification. PAT.
Bandera: Extracting Finite-state Models from Java Source Code James C. Corbett (Hawai’i) Matthew B. Dwyer, John Hatcliff, Shawn Laubach, Corina S. Păsăreanu,

Bandera: Extracting Finite-state Models from Java Source Code James C. Corbett (Hawai’i) Matthew B. Dwyer, John Hatcliff, Shawn Laubach, Corina S. Păsăreanu,
Software Model Checking for Embedded Systems PIs: Matthew Dwyer 1, John Hatcliff 1, and George Avrunin 2 Post-docs: Steven Seigel 2, Radu Iosif 1 Students:

Software Model Checking for Embedded Systems PIs: Matthew Dwyer 1, John Hatcliff 1, and George Avrunin 2 Post-docs: Steven Seigel 2, Radu Iosif 1 Students:
CS 326 Programming Languages, Concepts and Implementation Instructor: Mircea Nicolescu Lecture 18.

CS 326 Programming Languages, Concepts and Implementation Instructor: Mircea Nicolescu Lecture 18.
1 Software Testing and Quality Assurance Lecture 12 - The Testing Perspective (Chapter 2, A Practical Guide to Testing Object-Oriented Software)

1 Software Testing and Quality Assurance Lecture 12 - The Testing Perspective (Chapter 2, A Practical Guide to Testing Object-Oriented Software)
Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider.

Static Analysis of Embedded C Code John Regehr University of Utah Joint work with Nathan Cooprider.

Similar presentations

Ads by Google